Description
The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution.
Published: 2026-04-01
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability is a use‑after‑free condition in the list box calculation logic of Foxit PDF products. When the application processes a document, stale references to deleted or re‑created page or form objects may be dereferenced during a calculation, allowing an attacker to craft a document that triggers the routine and potentially execute arbitrary code with the privileges of the PDF reader or editor.

Affected Systems

Foxit Software Inc. products Foxit PDF Editor and Foxit PDF Reader are affected. No specific versions are listed, so all installed versions should be considered at risk until an update is applied. The vulnerability exists in both the editor and the reader components and can be triggered by any instance that loads a maliciously crafted PDF.

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity. An EPSS score is not available, so the exact likelihood of exploitation cannot be quantified. The vulnerability is not listed in the CISA KEV catalog, suggesting no confirmed exploitation in the wild as of the data provided. It is inferred that the likely attack vector is a crafted PDF document presented to the user or automatically opened. If a user opens such a document in Foxit PDF Editor or Reader, the use‑after‑free can be triggered, allowing an attacker to execute code with the application's privileges.

Generated by OpenCVE AI on April 1, 2026 at 05:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest available patch from Foxit’s security bulletin website.



Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Foxitsoftware; Foxitsoftware foxit Pdf Editor; Foxitsoftware foxit Reader |
| Vendors & Products | | Foxitsoftware; Foxitsoftware foxit Pdf Editor; Foxitsoftware foxit Reader |

Wed, 01 Apr 2026 23:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'} |


Wed, 01 Apr 2026 04:30:00 +0000


Wed, 01 Apr 2026 02:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution. |
| Title | | Foxit PDF Editor/Reader List Box Calculate Array Use-After-Free Vulnerability |
| Weaknesses | | CWE-416 |
| References | | |
| Metrics | | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'} |


MITRE

Status: PUBLISHED

Assigner: Foxit

Published:

Updated: 2026-04-02T02:14:05.708Z

Reserved: 2026-03-08T03:43:28.979Z

Link: CVE-2026-3779

Vulnrichment

Updated: 2026-04-01T03:06:18.215Z

NVD

Status: Awaiting Analysis

Published: 2026-04-01T02:16:03.043

Modified: 2026-04-01T14:23:37.727

Link: CVE-2026-3779

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T08:58:52Z
